Description of problem: AVC denials appear in audit.log when radvd starts. Version-Release number of selected component (if applicable): selinux-policy-3.3.1-116.fc9.noarch selinux-policy-targeted-3.3.1-116.fc9.noarch How reproducible: Always Steps to Reproduce: 1. start radvd 2. look in audit.log Actual results: 28 messages logged to audit.log that look like type=AVC msg=audit(1230449705.134:2914): avc: denied { net_admin } for pid=21 290 comm="radvd" capability=12 scontext=unconfined_u:system_r:radvd_t:s0 tcontex t=unconfined_u:system_r:radvd_t:s0 tclass=capability Expected results: No AVC denials Additional info: I've only started using radvd, so I'm not certain what functionality is getting blocked. Nevertheless, I generated and installed the following policy with audit2allow. require { type radvd_t; class capability net_admin; } require { type radvd_t; class capability net_admin; } #============= radvd_t ============== allow radvd_t self:capability net_admin;
Fixed in selinux-policy-3.3.1-117.fc9.noarch
Fix verified. I'll close the bug when 117 (or later) goes to updates for F9.
selinux-policy-3.3.1-117.fc9.noarch is in updates. Closing.